Aggregator

A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google's Threat Analysis Group (TAG) and Mandiant are tracking the activity under the name UNC5812. The threat group, which operates a Telegram channel named civildefense_com_ua, was created on

Cops Recover Redline, Meta Infostealer Data; Promise Criminal Users: 'See You Soon'
The Dutch National Police, working with the FBI, say they've disrupted the Redline and Meta info-stealing malware services after obtaining "full access" to them, including source code and extensive details pertaining to their users, with follow-on "legal actions" now "underway."

Relying on EOL software leaves critical systems exposed — making it a problem no business can afford to ignore.

Исследователи выявили плюсы и минусы новой тенденции.

For the latest discoveries in cyber research for the week of 28th October, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Grupo Aeroportuario del Centro Norte (OMA), operator of 13 airports across Mexico, was hacked by the RansomHub ransomware gang, who threatened to leak 3TB of stolen data unless a ransom is paid. […]

The post 28th October – Threat Intelligence Report appeared first on Check Point Research.

Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The Datadog Security Research team is monitoring the activity under the name Tenacious Pungsan, which is also known by the monikers

The Cyber Centre’s Learning Hub offers courses on basic, advanced and specialized topics in cyber security for employees of the Government of Canada and those who work on systems of importance to the Government of Canada.

美国版权局拒绝了游戏历史基金会 Video Game History Foundation（VGHF）提出的用于游戏保存的 DMCA 豁免。游戏通常会使用 DRM 反盗版措施，但随着时间的推移，DRM 可能会导致游戏无法在新系统运行，为了正常运行可能需要设法移除 DRM，但这违反了 DMCA 反规避条款。VGHF 希望能豁免游戏保存的 DRM 规避。然而美国版权局拒绝了 VGHF 的请求，认为对于用户是谁或他们为什么要访问游戏，VGHF 没有予以明确。VGHF 去年进行的一项研究发现，87% 的游戏处于极度濒危状态，因为保存它们变得愈来愈困难。

A vulnerability classified as critical has been found in Carnegie Mellon University Cyrus IMAP Server 1.4. This affects an unknown part of the file imapparse.c. The manipulation leads to integer coercion error. This vulnerability is uniquely identified as CVE-2002-1580. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

点击下方小卡片关注情报分析师“ 今天小编为大家推荐一本神秘职业的电子书《间谍技术内部人士指南》。本书阐述了间

在Linux内核中，可以通过分配对象来对UAF、OOB等漏洞对象进行占位进行漏洞利用。内核中有许多可利用对象，某些对象有非常强大的利用原语，可以通过这些对象及其操作函数来实现权限提升。本文对Linux可利用的对象进行了统计和总结。

The Dutch National Police seized the network infrastructure for the Redline and Meta infostealer malware operations in "Operation Magnus," warning cybercriminals that their data is now in the hands of law enforcement. [...]

Entrust announced an all-in-one consumer banking platform that allows banks and credit unions to provide high-assurance security throughout the customer lifecycle – from account opening to financial credential issuance to on-going, everyday transactions and interactions. The solution integrates leading AI-driven identity verification technology with physical and digital card issuance capabilities to transform the consumer banking experience, dramatically reducing fraud at account opening and providing smart continuous account protection. Approximately 82% of consumers say they access … More →

The post Entrust helps banks fight fraud during account opening appeared first on Help Net Security.

A vulnerability, which was classified as critical, was found in pyLoad up to 0.5.0b3.dev86. This affects an unknown part of the file /.pyload/scripts. The manipulation leads to os command injection. This vulnerability is uniquely identified as CVE-2024-47821. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SchedMD Slurm. It has been rated as critical. Affected by this issue is some unknown functionality of the component stepmgr. The manipulation leads to improper authorization. This vulnerability is handled as CVE-2024-48936. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Sunnet eHRD CTMS up to 9.x and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-10440. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Genians NAC and NAC LTS. It has been classified as problematic. This affects an unknown part. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2024-23843. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Kubell Chatwork Desktop Application up to 2.9.1 on Windows. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to use of potentially dangerous function. This vulnerability was named CVE-2024-50307. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.